Contents

2016 started full of hope for Linux fans but those hopes were dashed when the much anticipated Ubuntu 16.04 and Fedora 24 landed chocked full of bugs and driver issues. Some of us who follow these things closely expressed dismay over the problems encountered by users. A few bug-a-boos are to be expected in new releases, but these were big Vietnamese Hissing Cockroach-sized bugs that turned out to be show stoppers for some users.

Canonical, the keepers of Ubuntu, seemed to spend more time worrying about phones and integrating Bash into Windows 10 than putting out a stable Long Term Support (LTS) desktop release. Canonical’s Ubuntu team did fix many of those issues and it is now almost as stable as the much-lauded 14.04 release. Most are happy with Ubuntu now or have moved on to greener pastures. ‘Nuff said.

While the fight against government-mandated software backdoors raged for most of 2016—including the showdown between Apple and the FBI over the San Bernardino shooter’s iPhone, and the UK’s new Investigatory Powers Act, which gives the government the power to demand UK companies backdoor their software to enable mass surveillance—the Core Infrastructure Initiative (CII) has been quietly working to prevent an even more insidious form of backdoor: malicious code inserted during the software build process without a developer’s knowledge or consent.

Desktop

Open source hardware is still atypical for the technology world. However, you can now enthusiastically opt for a fully open source notebook PC to work on your next projects without looking at a proprietary solution.

Called Libreboot C201, the latest offering is a dream come true for the open source community. It features a 1.8GHz ARM Rockchip RK3288 processor coupled with 4B RAM and 16GB eMMC storage and sports an 11-inch HD display. On the connectivity front, the laptop lacks a built-in Wi-Fi chip but does come with an Atheros Wi-Fi dongle that works with open source drivers.

Server

Kernel Space

Because the Linux kernel community celebrated a quarter-century of development in 2016, many people have asked us the secret to the project’s longevity and success. I usually laugh and joke that we really have no idea how we got here. The project has faced many disagreements and challenges along the way. But seriously, the reason we’ve made it this far has a lot to do with the community’s capacity for introspection and change.

About 16 years ago, most of the kernel developers had never met each other in person—we’d only ever interacted over email—and so Ted T’so came up with the idea of a Kernel Summit. Now every year kernel developers make a point to gather in person to work out technical issues and, crucially, to review what we did right and what we did wrong over the past year. Developers can openly and honestly discuss how they interact with each other and how the development process works. And then we make changes that improve the process. We make new tools, like Git, and constantly change how we work together.

Over time, this evolution has created a resiliency that has allowed the project to go from one strength to the next while avoiding the forks that have split the resources of competing projects. It may be many years before we fully understand the keys to the Linux kernel’s success, but there are a few lessons that stand out even now.

IBM is actively trying to lure developers into the blockchain world. The giant believes that blockchain “has the potential to transform the way industries conduct business transactions” but that can only happen if industry players work together and allow businesses to benefit from the network effect of this technology.

The Linux MD/RAID code was updated today in Git for the Linux 4.10 kernel with new functionality.

One of the new MD additions for Linux 4.10 is a RAID5 write-back cache feature. This aggregates writes to make a full stripe write and reduce read-modify-writes. MD maintainer Shaohua Li reported this feature should be good for workloads doing sequential writes followed by fsync. For now though this RAID5 cache feature is considered experimental and disabled by default. The r5c_journal_mode sysfs entry is used for setting the write-back or write-through cache mode.

VFIO, the Virtual Function I/O framework for exposing direct device access to user-space in a secure manner with IOMMU protection, has an important new interface with Linux 4.10.

VFIO in Linux 4.10 adds a Mediated Device Interface. This Mediated Device Interface is used for allowing software-defined devices to be exposed through VFIO while the host driver manages access to the interface.

The EXT4 file-system is seeing some new feature work with the in-development Linux 4.10 merge window.

The EXT4 feature pull request for the Linux 4.10 merge window queues the dax-4.0-iomap-pmd branch, which includes changes to use the new iomap framework for DAX. This makes the EXT4 DAX I/O code-paths utilize the iomap framework rather than their older DAX functionality, which then allows for more efficient block mapping, PMD page fault support, minor bug fixes, and improvements. DAX is the direct access support in the Linux kernel for file-systems to have more efficient, direct read/write access to persistent memory storage devices. This DAX iomap code being added via the EXT4 pull will also be shared with the XFS DAX code.

An interesting factoid caught my eye in an article published by Opensource.com this morning. The article was one of those interesting and easy-to-read listicles that many websites — even FOSS Force — likes to run occasionally called 9 Lessons from 25 Years of Linux Kernel Development, and the item that caught my attention was eighth on the list, under the heading, “The kernel shows that major developments can spring from small beginnings.”

Linux Kernel 4.9 was released this week and once more Collabora developers took part on the kernel development cycle. This time we contributed 37 patches by 11 different developers, our highest number of single contributors in a kernel release ever. Remember that in the previous release we had our highest number total contributions. The numbers shows how Collabora have been increasing its commitment in contributing to the upstream kernel community.

For those who want to see an overall report of what was happened in the 4.9 kernel take a look on the always good LWN articles: part 1, 2 and 3.

As for Collabora contributions most of our work was in the DRM and DMABUF subsystems. Andrew Shadura and Daniel Stone added to fixes to the AMD and i915 drivers respectively. Emilio López added the missing install of sync_file.h uapi.

The task of securing Linux systems is so mind-bogglingly complex and involves so many layers of technology that it can easily overwhelm developers. However, there are some fairly straightforward protections you can use at the very core: the kernel. These hardening techniques help developers guard against the bugs that haven’t yet been detected.

“Hardening is about making bugs more difficult to exploit,” explained Mark Rutland, a kernel developer at ARM Ltd, at the recent Embedded Linux Conference Europe 2016 in Berlin. There will always be dangerous bugs that manage to evade the notice of kernel developers, he added. “We do not yet know which particular bugs exist in the next kernel, and we probably won’t for five years,” he said, referring to Kees Cook’s recent analysis of kernel bug lifetimes.

Dave Chinner sent in the XFS file-system changes for the Linux 4.10 kernel.

The XFS feature updates for Linux 4.10 include making use of the iomap infrastructure that landed with the EXT4 pull. So XFS now has a new direct I/O implementation making use of iomap, which should be “simpler, faster, and has lower IO latency.”

The main feature addition to UBIFS with Linux 4.10 is native file encryption support.

UBIFS, the Unsorted Block Image File System for raw flash memory media, has file encryption via fscrypt with Linux 4.10. This fscrypt file-system encryption support is what powers EXT4′s file encryption and F2FS per-file encryption while now UBIFS has wired it up for offering optional file encryption.

The Linux Foundation, the nonprofit advancing professional open source management for mass collaboration, announces Doky has become a Gold member of The Linux Foundation. Doky is an online-based operating system, providing unique features such as a seamless cloud collaboration and storage solution and a quickly growing, fully integrated set of virtual desktop apps. Doky calls its service “fluid computing.”

Graphics Stack

Days after last month’s big X.Org Server 1.19 release, they followed closely with their updated NVIDIA Linux driver to provide support for their new ABI. Coming out now is support for xorg-server 1.19 with the older NVIDIA cards.

FBDEV has been slowly fading away for a number of years with DRM drivers becoming more friendly towards embedded use-cases and more. FBDEV hasn’t fully died off yet, but as of Linux 4.10 it’s now without a maintainer.

Today, December 14, 2016, Nvidia released a bunch of updated graphics drivers for UNIX platforms, including GNU/Linux on 64-bit, 32-bit, and ARM, as well as FreeBSD and Solaris operating systems.

Nvidia 375.26 is out as the latest long-lived branch, which means that it’s recommended for all users running a previous version of the graphics driver on their Linux, BSD, or Solaris distributions. This release resolves numerous issues reported by users lately, and adds initial support for Nvidia Quadro M3000 SE GPUs.

Benchmarks

If you have been curious how the performance of the GNU/Linux stack has evolved over 2016, I ran some benchmarks of the rolling-release Clear Linux from the start of 2016 compared to this week to see how gains in the upstream software have evolved as well as their aggressive out-of-the-box optimizations for this operating system out of Intel’s Open-Source Technology Center.

Clear Linux was used for this 2016 before/after comparison due to Intel’s aggressive performance optimizations made this year and that it’s a rolling-release distribution but with publishing new installer images for each release, which is on a near-daily basis, it’s easy to get the system back to its state far back in the past. This makes it much easier to run fresh benchmarks on an older state of Clear Linux compared to today, rather than using Arch Linux or another rolling-release where it’s less easy to get the system to a prior state long ago.

As of this week the Samsung 960 EVO NVMe M.2 SSDs have begun shipping for those interested in high-performance solid-state storage. For our benchmarking fun today I am looking at the Samsung 960 EVO 250GB NVM Express M.2 SSD (MZ-V6E25) with tests under Ubuntu 16.04 while using the Linux 4.9 kernel.

Applications

Today, December 14, 2016, the development team behind the Qt-based, open-source, free, and cross-platform qBittorrent BitTorrent client announced the general availability of the qBittorrent 3.3.8 and 3.3.9 maintenance updates.

After being in development for the last three months, qBittorrent 3.3.8 is here as the latest and most advanced stable version of the popular torrent and magnet downloader, implementing initial support for newer libtorrent APIs (Application Programming Interfaces) from the upcoming 1.1.x branch, which is currently in development.

Linux offers an unsurpassed breadth of open source small utilities that perform functions ranging from the mundane to the wonderful. These tools help make Linux a compelling operating system. This series of articles identifies indispensable open source utilities which make using Linux that bit more special.

You often hear that disk space is cheap and plentiful. And it’s true that a 4TB mechanical hard disk drive currently retails for a little over 100 dollars. But like many users I have moved over to solid-state drives (SSD) as my primary storage. SSD does functionally everything a hard drive does, but helps to make a computer feel more responsive. With a SSD, data is stored on interconnected flash memory chips that retain the data even when there’s no power present. SSDs are more expensive than mechanical hard drives in terms of dollar per gigabyte. And SSDs with 4TB capacity are thin on the ground and expensive, so most users settle for lower capacity SSDs.

Departing from its long tradition of making agentless backup products, Veeam has announced that it is now making an agented backup for Linux. While this may seem like a bit of an odd move for the company, they do point out that not all workloads can be virtualized because of hardware dependencies amongst other reasons. Now with this and the upcoming Agent for Microsoft Windows, Veeam will be able to backup more of enterprise environments.

Even though Veeam has made a name for itself with industry-leading, agentless backup solutions for virtualized environments, we are still constantly asked about backing up non-virtualized systems. Based on feedback and as a growth opportunity, we decided to launch Veeam Agent for Microsoft Windows (formerly known as Veeam Endpoint Backup FREE). Veeam Agent for Microsoft Windows will be available soon and it includes many top-requested features! We were also constantly asked about Linux systems, so we finally announced Veeam Agent for Linux and launched a beta.

It’s a backup tool so you know what it does, namely give you the ability to create copies of files, volumes or whole computers and put them in a safe place where you can get your hands on them should things go awry.

Back during the summer we wrote about the Bareflank Hypervisor as a new open-source hypervisor written in C++11/14 and served as more of a hypervisor framework. Today the company behind that effort, Assured Information Security, announced a new version of Bareflank.

Are you involved in DevOps and web development, or are you aiming to be? If so, you’re probably very aware of many of the tools from the open standards and open source arenas that can make your work easier. Still, these are always spreading out at a fast clip and there are some applications and tools that are rarely discussed. Here at OStatic, we try to regularly update our collections focused on them. In this post, you’ll find our newly updated collection of free resources for web development that range from complete online courses available for free to unsung applications.

Code School’s Beginners Guide to Web Development is a good place to start if you are new to the topic. It offers good advice on the basics, including making a plan and creating web pages.

Browsers

Let’s take a trip back in time to the early, simpler days of the web. A time when most of us used low-powered PCs or dumb terminals, often over slow dial-up connections. We generally visited web pages using command-line, text-only browsers like the venerable Lynx.

Jump forward to these days of web browsers like Firefox, Chrome, and Safari. You’d think that browsing the web at the command line would have gone the way of the tag. You’d be wrong. Web browsers that run in a terminal window are alive and kicking. They’re niche, but still get the job done.

Internet browser Opera has released a new stable desktop version for all users, and it comes with a few nifty features worth highlighting. The biggest addition in Opera 42 is the built-in currency converter tool that makes it very easy to convert amounts in foreign currency without leaving a tab. The browser is available for Windows, Mac, and Linux platforms.

We’ve been informed by Vivaldi’s Ruarí Ødegaard about the general availability of the second Release Candidate (RC) version of the upcoming Vivaldi 1.6 web browser for GNU/Linux, macOS, and Microsoft Windows operating systems.

Dubbed as Vivaldi Snapshot 1.6.689.32, the second RC of Vivaldi 1.6 has been released on December 13, 2016, just one day after the first Release Candidate version, which rebased the web browser on the open-source Chromium 55.0.2883.92 project and resolved a major regression for macOS users in regards with swiping through history.

In an unexpected turn of events, it appears that Vivaldi just launched today, December 15, 2016, the final release of the Vivaldi 1.6 web browser, as the team informs Softpedia through an embargoed press release.

The embargo just expired, so we’d like to invite our readers to read all about the new features bundled in Vivaldi 1.6, which had a very short development cycle, coming only three weeks after the November 22 release of Vivaldi 1.5, an exciting milestone that added support for controlling Philips Hue smart lights.

Fedora 25 is the latest update released for the Fedora distro. Fedora Workstation is an easy to use operating system for laptop and desktop computers, with a set of tools which are idle for everyone. Fedora is a global community that works together to lead the advancement of free and open source software. It is based on Red Hat which has scored well this time.

Games

Again, it’s really nice to see Topware bring older titles to Linux using Wine. As long as it works and it works well I couldn’t care less. It means it counts as a Linux sale (the most important thing) and it’s less hassle to not have to setup anything yourself.

So 2016 wraps up in a few weeks, which means we’re breaking out the content cliche bunting to decorate the place with ‘best of’ listicles. This one, in case you hadn’t already guessed, is a rundown of the best Linux games of 2016.

A few days ago I shared some fresh AMDGPU+RadeonSI benchmarks of Tomb Raider, Shadow of Mordor, and some other Linux games that need to be benchmarked manually due to shortcomings with these games. That earlier article with the open-source numbers was reserved for just Phoronix Premium supporters while available now to the public are those results compared to the new AMDGPU-PRO 16.50 Linux driver.

Last week I published AMDGPU-PRO 16.50 vs. Mesa 13.1-dev benchmarks using all of our Linux game testing suspects of titles that meet our automated and reproducible testing requirements. In this article are benchmarks of the other games that unfortunately don’t make the cut for our routine testing requirements and thus just receive the seldom treatment aside from when pursuing requests of Phoronix Premium readers.

Desktop Environments/WMs

K Desktop Environment/KDE SC/Qt

Today the Krita team releases Krita 3.1.0 ! Krita 3.1 is the first release that is fully supported on OSX (10.9 and later)! Krita 3.1 is the result of half a year of intense work and contains many new features, performance improvement and bug fixes. It’s now possible to use render animations (using ffmpeg) to gif or various video formats. You can use a curve editor to animate properties. Soft-proofing was added for seeing how your artwork will look in print. A new color picker that allows selecting wide-gamut colors. There is also a new brush engine that paints fast on large canvases, a stop-based gradient editor.

A few moments ago, the development team behind the powerful, open-source, free, and cross-platform Krita digital painting software proudly announced the final release of Krita 3.1.

After being in development for the past few months, Krita 3.1 is now that most advanced version of the application, bringing cool new features like full support for Apple’s Mac OS X operating system, as well as the ability to render an animation to MKV, GIF, MP4, or OGG files using the FFmpeg multimedia framework.

Qt 5.7.1 has been released today. It contains all the latest bug fixes and improvements, including everything from Qt 5.6.2 patch release as well as additional improvements and functionality not available in the Qt 5.6 branch.

The brand new Qt Creator 4.2.0 is also included in the Qt 5.7.1 offline installer packages as well as the online installer.

Qt SCXML is a new module in Qt that allows you to create state machines from State Chart XML and embed them into Qt C++ and Qt Quick applications (Overview). It was released as Technical Preview in Qt 5.7 and will be released fully supported with Qt 5.8.

Today, December 14, 2016, the Qt Company was pleased to announce the final release of the open-source, free, and cross-platform Qt Creator 4.2 IDE (Integrated Development Environment) for GNU/Linux, macOS, and Microsoft Windows platforms.

December 15, 2016. Today, KDE introduces KDE Applications 16.12, with an impressive array of upgrades when it comes to better ease of access, the introduction of highly useful functionalities and getting rid of some minor issues, bringing KDE Applications one step closer to offering you the perfect setup for your device.

The KDE community banded together today to issue their big KDE Applications 16.12 update.

Among the changes to KDE Applications 16.12 is adding the KWave sound editor to the bundle, Marble adds a wallpaper and widget mode, KCharSelect now handles Unicode emoticons, Cantor supports a Julia back-end, Ark archiving improvements, and many other changes.

Today, December 15, 2016, as expected, KDE announced the general availability of the KDE Applications 16.12 software suite for the KDE Plasma 5 desktop environments on various Linux-based operating systems.

KDE Applications 16.12 had a short development cycle, since November 10, 2016, when it entered Dependency Freeze stage. A Beta was announced one week later, on November 17, and the Release Candidate build landed two weeks later, on the first day of December. And now, you the final release is here with numerous goodies.

GNOME Desktop/GTK

During last weeks I have been working on the application interns and the user interface. I don’t publish anything last week because I was in a festival (Festival Internacional do Mundo Celta de Ortigueira) and I have no internet connection.

I have create a more Gnome-Shell like UI than the one I show you on the previous mockups and I think that it’s quite cool. I have also created modules to treat with languages, filters and more. You can view and critize the code on the GitHub Repository.

Behold, for this has never been done before on Dedoimedo. Several readers suggested that I perhaps expand my critique of all things open-source into a more personal dimension. Interviews, babe, interviews. I listened, I agreed, and here we are!

This is the first such interview attempt on Dedoimedo. First of many to come. Today, we will be conducting a written Q&A session with a member of the MX Linux team. Now, for those wondering who or what this distribution slash project might be, quote: “MX Linux is a cooperative venture between the antiX and former MEPIS communities, using the best tools and talents from each distro. It is a midweight OS designed to combine an elegant and efficient desktop with simple configuration, high stability, solid performance and medium-sized footprint.” MX Linux caught the attention and high praise of Dedoimedo recently, with a very solid MX-15 release, and I had recently titled it as one of the top Xfce releases of 2016. Let us expand, shall we.

Reviews

One of the most anxiously awaited distributions in the Linux world this autumn was Zorin OS. The anxiety was intense, since the last release of Zorin OS 11 stopped receiving any updates long ago because it was based on the non-LTS version of Ubuntu. Zorin OS 12 was finally released on the 18th of November 2016 with the additional release of an updated ISO image on the 20th of November. There were no reports on the official blog about the reasons for the re-release.

Let us continue where we started with the KDE/Plasma nominations. It is time to vector our all-seeing eye toward another desktop environment – Xfce. Once upon a time, it used to be a bland, boring offering that could not stand up to the likes of Gnome 2 and KDE 3.5. But then, slowly, it emerged from the ashes like a Phoenix, and persistently, steadily earned its place among the big ones, standing tall, stable, sturdy, and just plain good.

In a way, Xfce now fills the void that was created when Gnome 3 came to life, and many years later, it is still there. But then, Xfce has also left its austerity behind, and it is trying to cater to the modern-era users with all the goodies people expect, without sacrificing its simple approach to fast, no-nonsense computing. So let us see what Year 2016 has blessed us with. To wit, our candidates.

New Releases

Very often Linux enthusiasts complain regarding the fragmentation due to hundreds of distributions. Each distribution has its own libraries, kernel configuration, pre-installed software, etc. However, the same variety makes Linux unique. Every person can create his/her own Linux distro and customize it.

If we take a look at the vast list of various Linux distributions, there are specialized solutions for hackers, power users, artists, and gamers. But, there’s a dearth of distros that claim to serve the unique needs of programmers, probably, because most Linux-based operating systems are customizable and a developers can install all the useful tools in no time.

OpenSUSE/SUSE

To state that not much has been happening in openSUSE Tumbleweed is an understatement as there were seven snapshot this week.

Life, however, is full of surprises and irony and this article just might end with a little.

The beginning of the week started with snapshot 20161208 that had a change that affects Python users. The update of python3-setuptools to version 30.2.0 dropped support for Python 3.2, which was released in February of 2011. The snapshot also provided an update to Kernel firmware 20161130 with patches affecting Intel Bluetooth.

Red Hat Family

Red Hat, Inc. (RHT), the world’s leading provider of open source solutions, today announced that KeyBank, one of the United States’ largest bank-based financial services companies, used the Red Hat OpenShift Container Platform to expand the bank’s digital banking capabilities.

Congratulations! As your company transitions to software-defined data centers, you’ve been put in charge of storage. Dream assignment, but so many choices. The good news is that by using open source storage software on industry standard hardware, you break the uncomfortable constraints of vendor lock-in. The bad news is there are so many choices of configurations to choose from. Where to start?

[...]

Red Hat is the curator of reference architectures in the world of OpenStack and cloud-based storage, maintaining libraries of in-depth reference architectures, all free for the taking. Search Red Hat’s publications and data assets here.

Most of us programmers go through technical interviews every once in a while. At other times, many of us sit on the opposite side of the table running these interviews. Stakes are high, emotions run strong, intellectual pressure builds up. I have found that an unfortunate code review may turn into something similar to a harsh job interview.

While it is theoretically in the best interest of the whole team to end up with high quality code, variations in individual’s technical background, cultural differences, preconceptions built up on previous experience, personality quirks, and even temper may lure people into a fierce fight over relatively unimportant matters.

Consider an imaginary pull request. There we typically have two actors: the author and code reviewers. Sometimes authors tend to overestimate the quality of their code which provokes them to be overly defensive and possibly even hostile to any argument. People reviewing the code may find themselves being in a position of power to judge author’s work. Once the actors collide over a matter where they take orthogonal and sufficiently strong sides, all is fair in love and war.

Customers and partners routinely tell me they want to create a “culture of innovation” in their organizations. By this, they usually mean that they want to create contexts where certain actions—those that generate new and unforeseen sources of value capable of fueling growth—are not only expected but also commonplace.

Fedora

Each Fedora release is supported for a given time period. Approximately one month after Fedora release X+2, Fedora release X will go end of life (sometimes called EOL). Fedora 25 was recently released, so Fedora 23 will be going end of life shortly. The part of end-of-life that most users notice is that there are no more updates released. Another aspect of end-of-life is cleaning up bugs filed in Bugzilla. An automated script is used to close all bugs that are still open for an EOL release. The goal of closing EOL bugs is to make overall Bugzilla management easier and make sure the right bugs are getting attention.

Debian Linux and the Fedora Project are among the most influential Linux distributions of all time. Not only are both Debian and Fedora among the top ten for page hits on Distrowatch, but many of the other top ten are derived from them. But why would you pick one over another?

To be honest, the differences are fewer than they were fifteen years ago. In 2003, when Fedora began, Debian was the main representative of the .deb package format, and Red Hat, Fedora’s predecessor, represented the .rpm format, and your Linux experience was very different depending on which you chose. Since then, the differences have diminished, but there are still subtle differences that might influence your choice.

However, those differences no longer include package management. Around the turn of the millennium,.debs were alone in resolving package dependencies, but .rpms added the feature long ago. Today, contrary to old myths that refuse to die, using Fedora’s dnf command to install packages is roughly equivalent to installing packages with Debian’s apt- get. Even the comparative slowness of yum, dnf’s predecessor, has become irrelevant as the change of tools becomes complete.

Where differences do exist is in the organization, governance, available system architectures, package repositories, and default installations. These differences may affect your choice, or simply be necessary to know to avoid uncertainty.

Debian Family

Today in Linux news Bruce Byfield compared and contrasted two of “the most influential Linux distributions of all time.” While more alike than one imagines, Byfield outlined the differences as why to “pick one over another.” Elsewhere, Dedoimedo interviewed the MX Linux team and discussed Xfce distributions in other posts. Michael Larabel reported today that the FBDEV maintainer has quit and Google blogged of the year’s top searches.

Derivatives

The development team behind the Debian-based antiX MX GNU/Linux distribution was pleased to announce the final release of antiX MX-16 “Metamorphosis.”

Based on the latest stable Debian release, namely Debian GNU/Linux 8.6 “Jessie,” the antiX MX-16 operating system is a major release that comes approximately one year after the previous version, antiX MX-15, and promises to offer users a collection of the latest and greatest GNU/Linux technologies and Open Source software applications.

Canonical/Ubuntu

Two long-time Ubuntu developers have given their notice. It’s probably just a coincidence, but if more leave it could only be bad news. Elsewhere, Tumbleweed has seen five releases in as many days and CoreOS has changed its name. Bash got a new logo and blogger DarkDuck said Zorin OS 12 is a diamond in the rough.

It’s a bit strange to write this blog post in the same week as Martin Pitt is announcing moving on from Canonical. I remember many moments of Martin’s post very vividly and he was one of the first I ran into on my flight to Sydney for Ubuntu Down Under in 2005.

Pure Engineering, which was behind the GroupGets backed PureThermal 1 set of FLIR Lepton accessories, among other gizmos, has gone to Kickstarter to launch a “PUREmodules” family of connectible prototyping modules for IoT. The campaign has more than doubled its $1,000 goal for the first two modules: The nRF52 Core Module goes for $19 to $29, with shipments ranging from January to March, and the $39 Super Sensor Module that connects to it ships in February.

Bremen, Germany-based thin client vendor IGEL Technology has announced the IGEL UD Pocket, which it is describing as a revolutionary new product. It has a dual-boot system that offers simple and secure access to the user’s IGEL Linux 10-powered desktop.

Almost every major industry player in operating systems, both desktop and mobile, has cooked up a virtual personal assistant product, and then there are many other independent efforts as well. But how many open source virtual personal assistants are there? The sad answer is that there really aren’t many, but someone has made a large effort to increase the accessibility of this type of project and bring it into the open source community, so read on for our interview with Tanay Pant, author and maintainer of the virtual personal assistant Melissa.

As we’ve noted here before, when it comes to top open source stories of the past couple of years, it’s clear that one of the biggest is the proliferation of tiny, inexpensive Linux-based computers at some of the smallest form factors ever seen. The diminutive, credit card-sized Raspberry Pi, which has been priced at only $25 and $35, has grabbed most of the headlines in this space, and came out recently in a new version with WiFi and many other new capabilities, including integration with Android. The Pi is taking on Docker smarts. If you want to work with Docker on your Raspberry Pi, all you need is Hypriot OS, a new Debian derivative designed to run Docker on the Pi.

Phones

Tizen

Android

Google Assistant is coming to ChromeOS. It’s unsurprising, as Google CEO Sundar Pichai has said the company’s vision is to bring Assistant everywhere, but we now have official confirmation.

In an interview with the Telegraph, Android and ChromeOS chief Hiroshi Lockheimer says the two operating systems will not merge, as in they will not be running the same source code. However, there will be a few features that unite the two together.

The Nextcloud team has released version 11 of the fully open source file sync and storage platform. This release boasts a plethora of security features.

Frank Karlitschek, co-founder and managing director of Nextcloud, told me in an interview that the “privacy of a self-hosted solution depends on its security, and staying in control of data is the main motivation for our customers to deploy Nextcloud. Security is thus obviously a core focus for us. Second to that is reducing the costs of hosting Nextcloud instances by improving its scalability and performance.”

I’ve been doing open source documentation for a long time. Over the past decade, there have been a lot of attitude shifts regarding authoring and publishing. Some of these trends seem to go in cycles, such as the popularity of semantic markup. The latest trends move documentation closer to code, what many have called docs as code. Let’s look at a few of the larger themes in documentation trends…

Docker has been steadily open sourcing some of its architectural components. In its lates move, the company is open sourcing containerd, an important infrastructure component in its container platform.

As The Register noted: The “d” stands for “daemon” – containerd is a daemon, or automated process, to control runC, the standard container runtime released by Docker last year, and since reclassified as something less than a runtime following community input. Containerd handles transferring container images, container execution, and low-level storage and network interfaces across Linux and Windows.

After months of conversation and debate, Docker is making a dramatic move by extracting the core container runtime from the Docker Engine and spinning it off into a separate independent project.
Solomon Hykes, the founder of Docker and the pioneer of the modern application container revolution, really wants to make sure that the Docker community and the container revolution will continue to grow in 2017 and beyond. To that end, Docker Inc announced on Dec. 14, the newly re-focused containerd (Con-tay-ner-D) initiative that will see the core container runtime from the Docker Engine spun-out into its own separate community project, with open, vendor-neutral governance.

Today we’re announcing the release of Kubernetes 1.5. This release follows close on the heels of KubeCon/CloundNativeCon, where users gathered to share how they’re running their applications on Kubernetes. Many of you expressed interest in running stateful applications in containers with the eventual goal of running all applications on Kubernetes. If you have been waiting to try running a distributed database on Kubernetes, or for ways to guarantee application disruption SLOs for stateful and stateless apps, this release has solutions for you.

Accelerite, which provides software for simplifying and securing enterprise infrastructure, is out now with the Accelerite CloudPlatform, powered by Apache CloudStack. This is yet more evidence that since CloudStack was open sourced, it has retained some momentum.

Accelerite CloudPlatform now integrates with Kubernetes, an open-source system for automating deployment, scaling, and managing containerized applications.

Please find below a few quick links to all of the OSI Affiliate Members’ donations pages. As an OSI Affiliate, we’ve ensured each is a non-profit organization and, depending on your location, your contribution may be tax-deductible: “Many donations make all bugs shallow”.

Events

During OSCON a few years ago, Nicole Engard stopped to chat with a few representatives of women-in-tech nonprofit ChickTech. Today, she’s the founder and coordinator of the organization’s chapter in Austin, Texas.

[...]

At the event, girls had a chance to work on hands-on Raspberry Pi and Arduino projects, learn open source programming languages, share code on GitHub, and more.

Crate.io on Wednesday announced the general availability of the first non-beta release of CrateDB 1.0, an open source SQL database that enables real-time analytics for machine data applications. This release is an upgrade from version 0.57.

CrateDB is an SQL database alternative to NOSQL machine data management solutions. It gives mainstream SQL developers access to machine data applications that previously were available only using NoSQL solutions.

“CrateDB is one of the few systems in the space that can enable JOIN to handle a large amount of machine data,” said Christian Lutz, CEO of Crate.io.

Founded in 2014, the company’s goal was to reinvent SQL for the machine data era, he told LinuxInsider. Today, 75 percent of its customers use CrateDB to manage machine and Internet of Things data because of its ease of use, performance and versatility.

Berlin, December 14, 2016 – The Document Foundation announces the new Extensions & Templates website, which offers an improved user experience to both developers and end users: https://extensions.libreoffice.org. The resource is now based on the latest version of the Plone open source Content Management System, and has been both coordinated and developed by Andreas Mantke, deputy member of the board at The Document Foundation.

Pseudo-Open Source (Openwashing)

Win-win: Open-source .Net pays off for devs [Ed: This headline is an utter lie and basically Microsoft openwashing from IDG (.NET is proprietary). The lie about .NET being "open source" was reposted with different headlines in Computerworld Australia, Computerworld (US), and CIO.]

BSD

LLVM developers are moving ahead with their new versioning scheme where they will always be bumping the major version component with each six-month release. Thus LLVM 4.0 and LLVM 5.0 are expected in 2017.

Public Services/Government

The Canton of Geneva (Switzerland) has published the first components of the source code of its electronic voting system as open source code, under the GNU Affero general public license. The software is used for votes or elections by the cantons of Basel (city), Bern, Geneva and Lucerne. The Canton of Aargau will start using the software next year.

Open source has already taken the world by storm. Businesses from across industries are embracing it. Earlier open source was just a tiny revolutionary idea that was not given any hope, but it has now become not just mainstream but possibly the only stream. The world has realized its importance and benefits over other closed source languages and tools. More importantly, start-ups have started embracing open source whole heartedly to gain an edge over their competitors. But the question is, how are they utilizing it to their advantage and how is it benefiting them?

There are several benefits to creating programs and processes that help companies and other organizations achieve open source compliance. On the flip side, there are many risks that companies face when they fail to comply with open source licenses.

Openness/Sharing/Collaboration

Open Hardware/Modding

A few weeks ago, if I had heard of the RISC-V Instruction Set Architecture (ISA), it was only in passing. How things have changed. Kevin Morris has covered the announcement that RISC-V IP is available for a wide range of Microsemi’s FPGAs. Around the 5th RISC-V workshop in November, there was a flurry of announcements. At several meetings and conferences I have attended, RISC-V has been discussed in the informal sessions. And now there are rumours in various places on the Internet that Samsung is planning a device using RISC-V.

Programming/Development

Another update, now at release 0.1.2, of anytime arrived at CRAN earlier today.

anytime is a very focused package aiming to do just one thing really well: to convert anything in integer, numeric, character, factor, ordered, … format to either POSIXct or Date objects — and to do so without requiring a format string.

Security

Microsoft has sneaked out a patch to get Windows 10 PCs back online after an earlier update broke networking for people’s computers around the globe.

Since the end of last week or so, systems in the UK, US, Europe and beyond automatically installed software from Microsoft via Windows Update that broke DHCP. That meant some computers couldn’t obtain their LAN-side IP addresses from their broadband routers, effectively randomly kicking them off the internet and their own local network. That confused the hell out of a lot of netizens.

For years now, we’ve noted that some companies apparently think it’s a good idea to punish security researchers that expose vulnerabilities in their products, even when the researchers use the proper channels to report their findings. This kind of absurdity runs hand-in-hand with international attempts to criminalize security research — or the tools researchers use — to do their jobs. Obviously, this kind of behavior has one tangible end result: it makes all of us less secure.

The latest chapter in this saga of myopic bumbling comes courtesy of PwC, which for whatever reason decided that the best response to a major security flaw found in one of the company’s products was to to fire off a cease and desist letter aimed at the researchers. More specifically, Munich-based ESNC published a security advisory earlier this month documenting how a remotely exploitable bug in a PwC security tool could allow an attacker to gain unauthorized access to an impacted SAP system.

A flurry of industry surveys have flagged open source and unlicensed software as growing security threats. Moreover, a review released by Flexera Software also found that the very security products designed to protect IT infrastructure are themselves riddled with vulnerabilities embedded in open source software.

While agreeing that malware is a growing threat, other observers counter that the culprit is the growing use of unlicensed software.

The Flexera security software survey conducted between August and October found that 11 security software products from vendors such as IBM (NYSE: IBM), McAfee and Splunk showed up on its list of 20 products with the most security vulnerabilities. Hence, the survey emphasizes that software developers need greater visibility into open source components so they can identify vulnerabilities and quickly issue security patches. Those patches are generally available as soon as vulnerabilities are announced.

If you’re a Yahoo user, you should strongly consider closing your account. If you decide to keep your account open, you might as well post your username and password to Facebook and send them out in a tweet, for all the good Yahoo’s security precautions will do for you.

If you need any proof that malware is a business much like any other — with the big exception that it’s illegal — all you have to do is look at the latest ploy being used by the currently-in-development ransomware called Popcorn Time that was discovered December 7 by MalwareHunterTeam. The folks behind the malware are incorporating a scheme to drum up business that’s directly from a Marketing 101 textbook.

If Popcorn Time grabs a computer and encrypts it’s files, the hapless victim is offered two choices to get the data returned to its pristine state. One is the traditional method — the authors of the malware call it “the fast and easy way” — of paying a ransom of a Bitcoin, which is about $773 at the current rate. If the price is too steep for the victim’s pocketbook, there’s another option that the malware authors call “the nasty way,” which is a new twist on the tried and true “refer a friend” promotions that have been used by legitimate businesses forever.

NETGEAR HAS confirmed that a number of its routers have a security vulnerability which can be triggered by a malicious weblink from one machine on the network allowing a code injection allowing access to every attached device.

The discovery, VU #582384, which came to light late on Friday, has been validated by the US Computer Emergency Readiness Team (CERT) as affecting models including the R6250, R6400, R6700, R7000, R7100LG, R7300, R7900, and R8000.

Defence/Aggression

Saudi Arabia, Kuwait and Qatar are supporting extremist Islamic groups in Germany, according to a leaked intelligence report.

A brief seen by the Süddeutsche Zeitung and broadcasters NDR and WDR raised concern over a reported increase in support for fundamentalist Salafism in Germany, warning that the ideology already has 10,000 followers and is growing.

Environment/Energy/Wildlife/Nature

Scientists will need to speak up about their research and the importance of scientific integrity — or risk not being heard by the incoming administration, said the U.S. interior secretary Sally Jewell at the meeting of the American Geophysical Union today.

Her talk was a carefully worded call to arms for scientists to become part of the political process. “If you’re not at the table, you’re on the menu,” she said. Part of that will require learning how to talk about science not only in the kind of language a layperson can understand, but also in the language of dollars and cents. Communicating science’s value will be critical in order to appeal to an increasingly business-oriented administration.

“When you have a President-elect of the United States that’s in the real estate development business, your science matters,” she said. “Nobody wants to build a building in harm’s way if they’ve got good data that tells them where they can build it out of harm’s way.”

The government is installing energy-efficient lights and solar technology in more than 100 mosques in 2016 and plans to expand the program over the next five years to include 15,000 state-funded mosques. That represents nearly 30% of all mosques in the country.

The so-called “green mosques” initiative is part of Morocco’s ambitious push into renewable energy. It’s spending billions of dollars to wean itself off imported fuel and reduce emissions by ramping up the use of energy efficient technology and renewables.

As it stands now, nearly 95% of energy in Morocco comes from abroad, according to the International Energy Agency‌.

Finance

Donald Trump says his platform for reviving economic growth is designed to slash the nation’s trade deficit, restoring the country’s exports to past glory.

Instead, he could be about to expand the U.S. trade deficit to levels not seen since the financial crisis. That could fan flames of trade conflict in an increasingly protectionist world.

Mr. Trump’s plans to boost government spending on infrastructure and cut taxes have spurred a rise in the dollar. If the president-elect delivers on his promised policies, argues William Cline, a senior fellow at the Peterson Institute for International Economics, the dollar’s likely to strengthen further.

Uber has been ordered by state regulators to stop using self-driving cars in California, according to the Associated Press, at least until it secures the necessary permit issued by the state to allow companies to test autonomous vehicles on public roads. The California Department of Motor Vehicles issued a statement saying Uber was expected to secure such a permit, but Uber maintained that it did not require this clearance because its vehicles were not fully self-driving and have a driver onboard at all times.

Ronna Romney McDaniel is President-elect Donald Trump’s choice to become the Republican National Committee chair next year, the RNC said Wednesday.

Romney McDaniel, who is currently the chairwoman of the Michigan Republican Party and the niece of 2012 GOP nominee Mitt Romney, will succeed current RNC chair Reince Priebus, who has been tapped to be Trump’s chief of staff.

I am about twenty four hours behind on debunking the “evidence” of Russian hacking of the DNC because I have only just stopped laughing. I was sent last night the “crowdstrike” report, paid for by the Democratic National Committee, which is supposed to convince us. The New York Times today made this “evidence” its front page story.

It appears from this document that, despite himself being a former extremely competent KGB chief, Vladimir Putin has put Inspector Clouseau in charge of Russian security and left him to get on with it. The Russian Bear has been the symbol of the country since the 16th century. So we have to believe that the Russian security services set up top secret hacking groups identifying themselves as “Cozy Bear” and “Fancy Bear”. Whereas no doubt the NSA fronts its hacking operations by a group brilliantly disguised as “The Flaming Bald Eagles”, GCHQ doubtless hides behind “Three Lions on a Keyboard” and the French use “Marianne Snoops”.

[...]

Of course there were hacking and phishing attacks on the DNC. Such attacks happen every day to pretty well all of us. There were over 1,050 attacks on my own server two days ago, and many of them often appear to originate in Russia – though more appear to originate in the USA. I attach a cloudfare threat map. It happens to be from a while ago as I don’t have a more up to date one to hand from my technical people. Of course in many cases the computers attacking have been activated as proxies by computers in another country entirely. Crowdstrike apparently expect us to believe that Putin’s security services have not heard of this or of the idea of disguising which time zone you operate from.

Craig Murray, former British ambassador to Uzbekistan and a close associate of Wikileaks founder Julian Assange, told Dailymail.com that he flew to Washington, D.C. for a clandestine hand-off with one of the email sources in September.

‘Neither of [the leaks] came from the Russians,’ said Murray in an interview with Dailymail.com on Tuesday. ‘The source had legal access to the information. The documents came from inside leaks, not hacks.’

in order to help Donald Trump become the next president, but does the evidence back up the accusations? More than a month after his victory, why is the anti-Russia hysteria still being ramped up by the establishment and Democratic Party?

All signs point to leaking, not hacking. If hacking were involved, the National Security Agency would know it – and know both sender and recipient.

In short, since leaking requires physically removing data – on a thumb drive, for example – the only way such data can be copied and removed, with no electronic trace of what has left the server, is via a physical storage device.

A coalition of groups opposed to Donald Trump are planning demonstrations in all 50 state capitals on Monday, targeting the meetings of a historic and much-disputed organization: the Electoral College.

Their goal is a long shot: persuading enough electors to abandon commitments to vote for Trump, somehow denying him the majority he needs to claim the presidency.

“Electors were given the responsibility by our Founders to vote for whoever will be the best person for the job as President,” said Democracy Spring organizer Tania Maduro. “Electoral College, only you can save us.”

Under the U.S. Constitution, voters do not vote directly for presidents; they vote for members of the Electoral College who vote for presidents during post-election meetings in each state. In most cases, candidates who win statewide votes claim all the electors in those states.

Michael Moore hopes that the Electoral College will have what he describes as a “Profiles in Courage moment” and deny Donald Trump the White House.

After saying that Bush was “asleep at the wheel the month before 9/11,” Moore claimed that now “we have a president-elect who doesn’t even want to get behind the wheel. This is actually worse. He’s putting all of us in danger,” during his interview with MSNBC’s Lawrence O’Donnell on Tuesday.

Moore, who took Trump seriously often, also expressed concern that Trump could “take away our constitutional rights” should some crisis break out early in his administration.

“I want my fellow Americans, regardless of if they’re Democrats, Republicans, whatever you are, we have to come together and say, ‘This man cannot be at the helm of this ship,’” Moore urged his fellow Americans in the event that that happened.

As many as 30 Republican members of the Electoral College are willing to break their pledge and vote against Donald Trump in order to block him from becoming the US President, according to a Harvard University law professor.

Larry Lessig, who was himself briefly a candidate for the 2016 Democratic nomination, has been offering legal support to electors on their right to “vote their conscience” – that is, to reject the mandate given to them by the winner of the popular vote in their specific state.

Most states bind their electors to the popular vote by state law, but Mr Lessig said there was precedent to say these are federal officials, granted powers by the federal constitution, who should “be able to exercise their independent and nonpartisan judgement about who to vote for”.

Forty members of the Electoral College on Tuesday signed a letter demanding an intelligence briefing on Russian interference in the election ahead of their Dec. 19 vote.

Ten electors originally signed the letter when it was published Monday, and 30 more have since added their names.

The open letter — led by Christine Pelosi, the daughter of House Democratic Leader Nancy Pelosi (Calif.) — urged Director of National Intelligence James Clapper to give a detailed briefing on President-elect Donald Trump’s ties to Russia.

In the days leading up to his inauguration, President-elect Donald Trump is making a lot of promises to voters.

The latest: “We’re going to start saying Merry Christmas again.”

At a stop in Grand Rapids, Mich., on his victory tour around the U.S., Trump heralded the Christian holiday and commented that around the holidays department stores put up decorations such as bells, red walls and fake snow and but “They don’t have have Merry Christmas.’”

The existence of paper ballots is generally touted as the ultimate backstop guaranteeing the integrity of American elections, because “if there is a problem or any doubts, those ballots can always be recounted.”

They can be — but will they be?

Now we have seen three “recounts” up close and learned that, in practice, this amounts to a false and dangerous assurance. The effort to recount these ballots, where they do exist, has been blocked, subverted, and turned into a sham in each of the three states in which it has been attempted this month.

After eight years of being banished and sometimes vilified by the Obama administration, the fossil fuel industry is enjoying a remarkable resurgence as its executives and lobbyists shape President-elect Donald Trump’s policy agenda and staff his administration.

The oil, gas and coal industries are amassing power throughout Washington — from Foggy Bottom, where ExxonMobil chief executive Rex Tillerson is Trump’s nominee to be secretary of state, to domestic regulatory agencies including the departments of Energy and Interior as well as the Environmental Protection Agency.

“It feels like the grizzly bear in ‘The Revenant’ has been suddenly pulled off our chest,” said Luke Popovich, a spokesman for the National Mining Association.

Whether it happens this month or not, the electronic voting systems in our state must undergo a full forensic evaluation by independent computer security experts. Without that evaluation and subsequent changes both in the machines and the procedures for using them, votes cast for our local, state and federal government will always be at risk for error or manipulation, and we can never be fully certain that the outcomes of our elections reflect the will of the voters.

A number of years ago, I acquired two different electronic voting machines (known as DREs) from government surplus sales – the type used in Philadelphia County and the type used in Montgomery County – and, with Lehigh students, dismantled and examined them. In my assessment, none of the DREs used in Pennsylvania are capable of retaining a permanent physical record of each vote cast, which is required by the Pennsylvania Election Code. Many of the voting machines used in Pennsylvania, including those used in Philadelphia, create no permanent, physical record of each vote cast – in other words, these machines leave no paper trail.

In 1977, Carl Bernstein published an exposé of a CIA program known as Operation Mockingbird, a covert program involving, according to Bernstein, “more than 400 American journalists who in the past 25 years have secretly carried out assignments for the Central Intelligence Agency.” Bernstein found that in “many instances” CIA documents revealed that “journalists were engaged to perform tasks for the CIA with the consent of the managements of America’s leading news organizations.”

Fast-forward to December 2016, and one can see that there isn’t much need for a covert government program these days. The recent raft of unverified, anonymously sourced and circumstantial stories alleging that the Russian government interfered in the US presidential election with the aim of electing Republican Donald J. Trump shows that today too much of the media is all too happy to do overtly what the CIA had it once paid it to do covertly: regurgitate the claims of the spy agency and attack the credibility of those who question it.

Censorship/Free Speech

For noted Bangladeshi writer Taslima Nasreen, who has faced the ire of fundamentalists on several ocassions, self-censorship is the worst form of censorship.

With attacks against writers, minority religious leaders, and atheist bloggers on the rise in Bangladesh, Nasreen says many authors have now been forced to resort to self-censorship to avoid facing fatal consequences.

“In our part of the world we have problems regarding freedom of expression. Many people do not speak what they want to. And, most writers in Bangladesh now self-censor themselves. Otherwise they will be hacked to death. But, for me it is the worst form of censorship,” she said.

Waves of protests against the government have taken place across various parts of Ethiopia since November 2015. These protests have consistently been quashed by Ethiopian security forces using excessive, sometimes lethal, force, which led to scores of injuries and deaths. The crackdown on protests was accompanied by increasingly severe restrictions on access to information and communications in large parts of the country by cutting off internet access, slowing down connections and blocking social media websites.

Recently we published a post about what appeared to be a possible internet shutdown in Ethiopia during a wave of ongoing protests by ethnic groups. Today, in collaboration with Amnesty International we are releasing a report that includes evidence of recent censorship events during Ethiopia’s political upheaval.

Two Yle journalists have resigned from the company over what they say are restrictions on their freedom of speech and a working culture hostile to journalistic practices. The two had published stories about Prime Minister Juha Sipilä’s family links to a subcontractor of the state-owned and state-subsidised ex-Talvivaara mine, but disputed editorial decisions to shelve follow-up stories.

“We are going to make a confession: in Colombia, journalists publish much less than what they know.” Thus begins the promotion video of the newly-formed network of journalists called The League Against Silence, which, through its first activity, is seeking resources to cover the most self-censored issues in the country.

The confession from the journalists does not seek controversy. What the league wants is to generate debate and solutions for one of the most serious problems facing Colombian journalists, especially those in the interior of the country: self-censorship.

The rules that are followed by the censorship committee are those which have been presented to us by the government. Nothing has changed, and it is certainly not arbitrary. It is a myth that the film Befikre went without any cuts. Our job is to suggest edits to the producers and they can make the changes and send the film back for reconsideration. 82 per cent of the films (Bollywood or otherwise) have been passed without any cuts, so we are very fair. Also I don’t make the decision alone. The film is put up for review to a committee where every member gets a say. Only unanimous decisions based on conscience are passed. Otherwise they film is sent to a review committee. Our job is not to look into the implications of Freedom of Expression — only to review objectionable content.

If there were a rogues’ gallery for all those who have made significant contributions to the recent decline in global democracy, it would prominently feature Dmitry Kiselyov and Lu Wei.

As Vladimir Putin’s chief propagandist, Mr. Kiselyov bears considerable responsibility for ushering in what some call the post-truth era, in which lies, fabrications and fake news increasingly shape the political debate in dictatorships and democracies alike. And until recently, Mr. Lu was the field marshal of China’s ambitious system of internet censorship. As the boss of a vast thought-control bureaucracy, he is credited with perfecting an Orwellian structure of information regulation of unprecedented scope and complexity.

A free press and access to information are the crown jewels of modern democracy. Honest elections, fair trials, equality before the law — all are vulnerable without dedicated and ethical journalists and laws that protect the press from dangerous laws proposed by people of bad faith.

Censorship and propaganda were once regarded as sources of shame, even in authoritarian settings, and the officials who carried out these shabby projects were shadowy figures unknown to the outside world. In the 21st century, however, things have changed.

Privacy/Surveillance

The Shadow Brokers hacker group, believed to be behind the high-profile cyber theft of NSA cyber tools, now appears to have put up the stolen cyber weapons for direct sale on an underground site, according to a report. A newly uncovered site reportedly contains a file with the cryptographic signature of the Shadow Brokers, indicating that the hacker group has abandoned its auction and is now moving to directly sell the NSA hacking tools.

Nearly three years after it was first mooted, the National Highway Traffic Safety Administration published a Notice of Proposed Rulemaking on Tuesday that will mandate vehicle to vehicle (V2V) communication systems in all new cars and trucks. Once the rule is finalized, car makers will have two model years to begin including V2V systems, with some added leeway for product cycles. V2V-equipped cars will communicate with each other at short ranges to prevent the kinds of accidents where current advanced driver assistance systems, most of which depend on line of sight, aren’t effective.

YOU MIGHT HAVE thought that Amazon Web Services (AWS) would be delighted to tell the nation all about its newly announced UK data centre on BBC Radio 4′s flagship Today news programme. Not a bit of it.

Evernote has published an update to its Privacy Policy, revealing that as of 23 January 2017, employees will be able to access unencrypted notes. The change is being wheeled in because of the apparent failings of machine learning.

Perhaps more worrying is the fact that Evernote says that it is not possible to opt out of having employees possibly accessing your unencrypted notes. The only way to fully protect your privacy is to delete all your notes and close your Evernote account.

The update to the Privacy Policy starts off sounding fairly innocuous: “The latest update to the Privacy Policy allows some Evernote employees to exercise oversight of machine learning technologies applied to account content, subject to the limits described below, for the purposes of developing and improving the Evernote service”.

In the summer of 2013, when documentary filmmaker Laura Poitras was shooting a still-secret NSA leaker named Edward Snowden in a Hong Kong hotel room, she took security seriously. She’d periodically transfer her footage to encrypted hard drives, and would later go so far as to destroy the SD cards onto which her camera recorded. But as she watched Snowden through her lens, she was haunted by the possibility that security agents might barge through the door at any moment to seize her camera. And the memory card inside of it remained dangerously unencrypted, full of unedited confessions of a whistleblower who hadn’t yet gotten his secrets out to the world.

Today, Freedom of the Press Foundation is publishing an open letter to the world’s leading camera manufacturers—including Nikon, Sony, Canon, Olympus, and Fuji—urging them to build encryption into their still photo and video cameras to help protect the filmmakers and photojournalists who use them.

The letter is signed by over 150 documentary filmmakers and photojournalists from around the world, including fifteen Academy Award nominees and winners, such as Laura Poitras, Alex Gibney, Joshua Oppenheimer, and many more. You can read the full text below.

During the Q&A (which was broadcast live from the Pardon Snowden Periscope account) Snowden discussed the data that many online companies continue to collect about their users, creating a “quantified world” — and more opportunities for government surveillance.

“If you are being tracked, this is something you should agree to, this is something you should understand, this is something you should be aware of and can change at any time,” he said.

In recent years, privacy issues have become a growing concern among free-software projects and users. As more and more software tasks become web-based, surveillance and tracking of users is also on the rise. While some software may use advertising as a source of revenue, which has the side effect of monitoring users, the Django community recently got into an interesting debate surrounding a proposal to add user tracking—actually developer tracking—to the popular Python web framework.

In a clear message to US President-elect Donald Trump, the famed National Security Agency (NSA) whistleblower Edward Snowden has said that government surveillance programmes will create “vulnerabilities” for social media users.

“The same technologies that are being used to connect us, to tie us together, to let you listen to this right now, are also being used to make records about your activity. Recording the activities of someone creates vulnerabilities for them,” Snowden said during a question-and-answer session with Twitter CEO Jack Dorsey CEO on the live video app Periscope owned by the micro-blogging site.

Former US intelligence contractor Edward Snowden says he is not worried about his fate and future under US President-elect Donald Trump, who assumes office in January.

“I’m not worried,” Snowden said in an interview with Twitter on Tuesday, when asked if he is worried a Trump presidency could lead to his imprisonment. “I’m comfortable with the decisions that I made. I believe that I did the right thing.”

NSA whistleblower Edward Snowden has warned Donald Trump, as US President, could do a deal with Russian leader Vladimir Putin to extradite or imprison the whistleblower.

In an hour-long live-streamed video interview on Periscope with Twitter CEO Jack Dorsey today, Snowden argued the US had trapped him in Russia when it cancelled his passport. The ex-NSA IT nerd added the incoming White House administration – which seemingly has better relations with the Russian government than the Obama regime – may be able to get him kicked out of the country and delivered into the hands of Uncle Sam, or otherwise imprisoned.

Civil Rights/Policing

The French National Assembly and Senate are about to extend the state of emergency established in France one year ago, on 13 November 2015, for the fith consecutive time. PM Bernard Cazeneuve’s administration is requesting a renewal until 15 July 2017 with no guarantee that this state of emergency will end. France is settling into a permanent state of Human Rights suspension and in limitations of civil liberties that become more difficult to block everyday. La Quadrature du Net is calling on MPs to deny this renewal and return to the Rule of Law and the respect of rights and liberties, in this period of crucial elections.

In the indictment read to the North Jakarta District Court, prosecutors argued the Christian and ethnic Chinese Basuki Tjahaja Purnama deliberately committed an action that was hateful, abusive and blasphemous.

The crime carries a maximum five years in prison.

The Governor, better known as Ahok, is facing a local governors election in February next year.

After the indictment was read, Ahok, who is represented by a team of 80 lawyers, told the court he could not understand why he was charged with blasphemy.

“I beg your honour to consider my defence note and consider whether charges by the prosecutor can be accepted or if you reject it so I can go back to serve Jakarta and build the city,” Ahok, told the court.

“I had no intention to interpret Al-Maidah or commit blasphemy against Islam or insult the clerics,” he said, referring to the fifth chapter of the Koran.

“My intention was solely for the rogue politicians who use the verse incorrectly during the election.”

Controversy arose after German Defense Minister Ursula von der Leyen and her entourage refused to wear hijab head coverings or the full length abaya garment while visiting Riyadh last week.

Von der Leyen said that she “respect[s] the customs and traditions of the country,” but added that, “No woman in my delegation will be required to wear the abaya, as the [right] to choose one’s attire is a right shared by men and women equally,” according to Iran Front Page.

In the summer of 1967, Secretary of Defense Robert McNamara commissioned a group of thirty-six scholars to write a secret history of the Vietnam War. The project took a year and a half, ran to seven thousand pages, and filled forty-seven volumes. Only a handful of copies were made, and most were kept under lock and key in and around the Beltway. One set, however, ended up at the RAND Corporation, in Santa Monica, where it was read, from start to finish, by a young analyst there named Daniel Ellsberg.

Until just a few months ago, George Ellard occupied a position of trust as top watchdog of the National Security Agency, America’s principal collector of signals intelligence. Ellard was not only NSA’s Inspector General, but an outspoken critic of Edward Snowden, the former contract employee who leaked hundreds of thousands of classified emails to publicly expose the agency’s domestic surveillance program. Snowden claimed, among other things, that his concerns about NSA’s domestic eavesdropping were ignored by the agency, and that he feared retaliation. Ellard publicly argued in 2014 that Snowden could have safely reported the allegations of NSA’s domestic surveillance directly to him.

Intellectual Monopolies

The World Intellectual Property Organization patent law committee this week became the latest venue for the global debate over the system to provide incentives to the pharmaceutical industry to find new medicines while ensuring all patients have access to those medicines. Most developing countries want the committee to discuss the recommendations of the United Nations Secretary-General’s High-Level Panel on Access to Medicines, while most developed countries disagree. The tone is rising, and the issue could come as a hurdle as countries decide the future work of the committee.

A new report by two civil society groups explores what they say are discrepancies between European Union and provider country laws implementing the Nagoya Protocol on genetic resources, which they say could lead to legal uncertainties for users and providers.

Trademarks

The EUIPO will have to reconsider a trade mark dispute between Nestlé and Mondelez, over the shape of the Kit Kat bar, after the General Court said that distinctive character must be proved in all EU member states

Copyrights

The conference ended with the panel discussion on future perspectives on copyright enforcement online with the participation of Julia Reda, MEP for the Pirate Party, Rüdiger Dossow, Secretary to PACE Committee of Culture, Science, Education and Media,ilvia Grundmann, Head of Media and Internet Governance Division of the Directorate General Human Rights and Rule of Law of the Council of Europe, Cécile Despringre, Executive Director of the Society of Audiovisual Authors, and Giancarlo Frosio and Prof Sean O’Connor from the CEIPI.”

Donald Trump will meet with some of the biggest technology companies during a round-table discussion in New York this afternoon. Ahead of the meeting the RIAA and an A to Z of music groups have written an open letter to the president-elect, pressing him over piracy and the protection of intellectual property rights.

Filmmakers and other rightsholders should not be allowed to aggressively exploit copyright law for financial gain. In a recent court order, an Oregon Judge denied the makers of The Cobbler a request for more than $17,000 in attorney fees, arguing that individual downloaders don’t have to pay for more than their fair share of the piracy problem.

The US Government has just released its new Joint Strategic Plan for Intellectual Property Enforcement. There’s a strong “follow the money” emphasis alongside cracking down on pirate advertising, domain hopping, search engine results, and abuse of social media.

What Else is New

The latest tactics of the patent microcosm are just about as distasteful as last month's (or last year's), with focus shifting to the courts and few broadly-misinterpreted patent cases (mainly Finjan, Berkheimer, and Aatrix)

The fightback against Section 101 and the US Supreme Court (notably Alice) seems to concentrate on old and new buzzwords, such as "Software as a Medical Device" ("SaMD") or "Fourth Industrial Revolution" ("4IR"), which the EPO recently paid European media to spread and promote

Infomercials are still dominant among news about patents, in effect drowning out the signal (real journalism) and instead pushing agenda that is detached from reality, pertinent facts, objective assessment, public interest and so on

A discussion about the infamous abundance of patent cases in the Eastern District of Texas (TXED/EDTX) and what this will mean for businesses that have branches or any form of operations there (making them subjected to lawsuits in that district even after TC Heartland)

The patent microcosm is so eager to stop the Patent Trial and Appeal Board (PTAB) that it's supporting sham deals (or "scams") and exploits/distorts the voice of the new USPTO Director to come up with PTAB-hostile catchphrases

Judgmental patent maximalists are still respecting high courts only when it suits them; whenever the outcome is not desirable they're willing to attack the legitimacy of the courts and the competence of judges, even resorting to racist ad hominem attacks if necessary

With or without the Unified Patent Court (UPC), which is the wet dream of patent trolls and their legal representatives, the EPO's terrible policies have landed a lot of low-quality patents on the hands of patent trolls (many of which operate through city-states that exist for tax evasion -- a fiscal environment ripe for shells)

The money-obsessed, money-printing patent office, where the assembly line mentality has been adopted and patent-printing management is in charge, is devaluing or diluting the pool of European Patents, more so with restrictions (monetary barriers) to challenging bad patents

he media in Europe continues to be largely apathetic towards the EPO crisis, instead relaying a bunch of press releases and doctored figures from the EPO; only blogs that closely follow EPO scandals bothered mentioning the new petition

The Patent Trial and Appeal Board (PTAB) sees the number of filings up to an almost all-time high and efforts to undermine PTAB are failing pretty badly -- a trend which will be further cemented quite soon when the US Supreme Court (quite likely) backs the processes of PTAB

The EPO is trying very hard to silence not only the union but also staff representatives; it's evidently worried that the lies told by Team Battistelli will be refuted and morale be affected by reality